Purpose: To encode a private file for secure storage or sending. The file can only be decoded by someone with the right password

Use carefully - If you encode your secret fish sauce recipe and forget the password it may be lost for ever

This is two lines of code
that uses "xdialog" and 448 bits Blowfish encryption to encrypt any file

The first line calls the file with the "xdialog" widget
The second line takes the file variable ($FILE)
and asks you for an encrypting password

"rxvt -e bcrypt" opens a console window and starts bcrypt
bcrypt uses the file you have opened ($FILE) in the previous line

You will be prompted for the same encryption key twice when encoding
and once when decrypting/decoding
Use a secure encryption key of 8 digits/characters or more (case sensitive)
and DO NOT FORGET IT - otherwise you will need several years of supercomputer time to decode . . .

When encoded the file is renamed with the extension .bfe
so "mysecret.txt"
becomes the encrypted file "mysecret.txt.bfe"
"mysecret.txt" no longer exists

When decrypting, the .bfe (encrypted file) is located
When the password/keyword is added
the file regains its original name as the .bfe extension is removed

Rename files with spaces eg "this has space.txt" to "this_has_no_space.txt"

It is in fact a text file (the dotpup version contains comments which are placed after the "#")
Xdialog is a widget a small program written in C that can be called with various parameters ( it is of course built into Puppy)
http://xdialog.dyns.net/

This first line identifies the code as a runnable script
To make it runnable you right click and select permissions and change what is a text file into an executible

Very good name as well as application helper.
Now riddle me this ? Can bcrypt be used to encrypt folder's ?
And how well does bcrypt stand up to other encryption tools ?
Thanks._________________Heaven is on the way, until then let's get the truth out!

Very good name as well as application helper.
Now riddle me this ? Can bcrypt be used to encrypt folder's ?
And how well does bcrypt stand up to other encryption tools ?
Thanks.

klh, Blowfish, the encryption algorythm that bcrypt uses, has no known attacks, or at least it didn't the last time I read up on the various encryption algorythms a few months ago. It is fairly old now though, and uses a 64 bit block where most all of the newer ones use a 128 bit block. Go here: http://www.schneier.com/blowfish.html and learn more about the algorythm. I see no reason not to trust Blowfish at this time, but given a preference I would choose Twofish or perhaps Serpent.

A great many laws in a country, like many physicians, is a sign of malady.

~ Voltaire

Liberty is not a means to a higher political end. It is itself the highest political end. ~ Lord Acton

The price of apathy towards public affairs is to be ruled by evil men.

Yes I also like this feature to be developed in future versions! Imagine, put all your files in a certain folder then encrypt it. That would be cool. If someone have stolen my multisession puppy cd, there will be no problem coz my files are secured!

Good work there Lobster! How about encrypting multiple files?

Now, we are going to another level... _________________"If you have knowledge, let others light their candles in it."
~Margaret Fuller

It could tar whatever it's encrypting, which could make encrypting directories and multiple files possible._________________Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Well pizza, I have one folder full of writing's and stuff of that nature.
I would not want to have to tar it everytime & untar it everytime I go to use it. But having it maybe encrypted or password protected would be a good fit.
I think MU had developed some type of password protection upon booting into puppy maybe this can be used for the purpose I am wanting ?
But at the same time having it encrypted plus it is password protected would be an even greater feature. Like I mentioned on the LatestNews page bcrypt can be compiled very easily, so maybe someone with better understanding can see if we could implement folder encryption as well ?

Thanks._________________Heaven is on the way, until then let's get the truth out!

I meant the 007.pup that Lobster made could automatically do the tar/untaring (sounds like we're making a highway or somthing) so we wouldn't have to. That would be inconvenient to do everytime, but if the script did it it wouldn't be too bad.

I don't remember much about MU's thing, but Puppy has with the ability to use encrypted pupfiles. You have to remaster the cd to change the isolinlux.conf file, though. Next week I'm going to work on a puplet that uses a combination of the encrypted pupfile and choosing the pupfile to simulate logging in. It won't be a normal multi-user setup, but it's more than what the standard Puppy does._________________Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Well now that you explain it, it is feasible. But for those with large folder's this would create hassle. But I admire your creativity. If more people read this thread we might get more responses and ideas.
Thanks._________________Heaven is on the way, until then let's get the truth out!

I have only one reservation about Linux as it is usually implemented for ordinary (technically unwashed) users: Applied encryption is not up to MS Windows standards; or to put it differently, MS Windows platforms offer easy-to-implement strong encryption for ordinary users, and Linux does not.

Let me explain.

1. On Windows 98 SE and later platforms you can use JETICO's BestCrypt to encrypt files, encrypt entire disks, and what is possibly more important, with JETICO's BestCrypt you can encrypt your Windows SWAP file, all within the rubric of 448 BlowFish, and beyond. http://www.jetico.com/

2. On Windows 98 SE and later platforms you can use PGP freeware 602i to encrypt files and entire disks (but not your SWAP file) using the strong
encryption provided by the muscular PGP 602 international release.
http://www.pgpi.org/cgi/download.cgi?filename=PGPfreeware602i.exe

3. The Finnish entity LBA Linux (formerly SOT Linux) was about to release a beta version of LBA Linux R3 in April-May 2005 when the project was canceled for reasons unrelated to the viability of the R3 Linux release then under development. To this end LBA Linux published the following statement in February 2005:

"In earlier versions of LBA-Linux, individual users could have a single encrypted folder. LBA-Linux R3 extends this idea to the entire hard drive.

"'The entire file system can be locked with a password', explained SOT Project Manager Aleksei Rovenski.

"'It's an extra layer of security. Even if an encrypted computer is stolen, the data stored on it remains locked down. No information can be retrieved from the hard disk without the password. It will give LBA-Linux users peace of mind, knowing that their sensitive files are protected. It's a privacy thing.'"

4. Through a Finnish source I was able to obtain an early ISO copy of LBA Linux R3 alpha and the darn thing worked, which is to say, the entire Linux filesystem was indeed encrypted and the Linux R3 OS ran at least as fast as my release copy of LBA R2. Unhappily my technical sophistication is not up to describing how LBA Linux R3 accomplished this feat, but I can say that the resulting LBA R3 ISO installation worked very well indeed. Although it must be allowed that an unsupported alpha release of LBA R3 is not to be used everyday by the technically unwashed, like me.

5. Based on my experience with Windows JETICO BestCrypt and Windows PGP and Windows PGD-Disk, and my continuing happy experience with LBA Linux R3 alpha, I can say that this level of encryption works, that it does not slow the computer noticeably -- or at all, and that this level of SWAP encryption, disk encryption, and file encryption is fast becoming a necessity. Parenthetically, it is safe to say that the average computer user and or average Internet user is now more than fully qualified to say why it is that this level of encryption is fast becoming a necessity.

6. Ergo, Puppy Linux should offer encrypted SWAP files, encrypted disks and or filesystems, and encrypted files. For reasons that ought to be perfectly clear. And it is clear that given currently available software, as proved by the early LBA Linux R3 alpha release, as well as proved by the JETICO BestCrypt and PGP freeware packages described above, the everyday encryption of SWAP, OS filesystems, and ordinary files is or ought to be available right now.

I have only one reservation about Linux as it is usually implemented for ordinary (technically unwashed) users: Applied encryption is not up to MS Windows standards; or to put it differently, MS Windows platforms offer easy-to-implement strong encryption for ordinary users, and Linux does not.

Are you sure Raman? It could be. I thought there were some very secure Linux systems for the ultra guilty/paranoid?

The technically unwashed will be surprised to know that the most secure encryption is bypassed by keyloggers. Programs that reside in memory and record and optionally send out a log of keys pressed - including those wonderful impossible to break passwords . . . Most of course target Windows.

Malware is rife on MS Windows with its 'Applied encryption'. It is one of the main reasons I moved. I no longer controlled my desktop. Is this a problem on Linux? I do not know. With Weendose you also get virii, trojans and other assorted malware, some of which is incorporated with MS compliance. Spyware is built into Windows. Some is known but because it is closed source no one knows how much is there for sure. Some spyware is NSA based and also there is a commercial spyware system that reports back to MS, built into wmv and other systems.

Since using Puppy I have not had to bother with AVG, spywarebot and the other assorted wonders of supporting a kludged and compromised malware magnet OS - aka MS Windosn't

The program I have posted will secure individual files. For most purposes it is fine. What do others think? What is your experience?

Hi Folks,
Has anyone looked at TrueCrypt over at http://www.truecrypt.org. Instead of simply encypting files, it allows someone to setup encryptable container files, which can be mounted within the program as actual drives. It supports various encyption standards such as "AES-256, Blowfish (448-bit key), CAST5, Serpent (256-bit key), Triple DES, and Twofish (256-bit key)." It is opensource and there is both Windows and Linux versions available with source code to compile your own copy.

I am still a linux newbie, but maybe somebody could build a dotpup from this.

Here is a nice story for you security Puppys about spear phishing (this is part of social engineering)
http://tinyurl.com/7blsz

My theory is I should provide my passwords as a web page
but I am too much of a woos (woos = coward) Anyone up for it (great honeypot idea) . . .

I have always found that virus attacks and hacking attacks are 90% imagination - apart from Windows where it is 90% of the OS function
"We control your desktop - and pay us for the privilege" - eh yes Bill . . .
On a separate issue Ajax (aka web2) will be rife as a security loophole - it is a mess (but I loves it none the less)
Great services - with new ones all the time . . .
http://www.emilychang.com/go/ehub/alpha/

I have only one reservation about Linux as it is usually implemented for ordinary (technically unwashed) users: Applied encryption is not up to MS Windows standards; or to put it differently, MS Windows platforms offer easy-to-implement strong encryption for ordinary users, and Linux does not.

Are you sure Raman? It could be. I thought there were some very secure Linux systems for the ultra guilty/paranoid?

The technically unwashed will be surprised to know that the most secure encryption is bypassed by keyloggers. Programs that reside in memory and record and optionally send out a log of keys pressed - including those wonderful impossible to break passwords . . . Most of course target Windows.

Malware is rife on MS Windows with its 'Applied encryption'. It is one of the main reasons I moved. I no longer controlled my desktop. Is this a problem on Linux? I do not know. With Weendose you also get virii, trojans and other assorted malware, some of which is incorporated with MS compliance. Spyware is built into Windows. Some is known but because it is closed source no one knows how much is there for sure. Some spyware is NSA based and also there is a commercial spyware system that reports back to MS, built into wmv and other systems.

Since using Puppy I have not had to bother with AVG, spywarebot and the other assorted wonders of supporting a kludged and compromised malware magnet OS - aka MS Windosn't

The program I have posted will secure individual files. For most purposes it is fine. What do others think? What is your experience?

Lobster, he is partially correct. There are a lot more very good encryption programs available for windows. However there are some very good ones available for Linux. Bcrypt, which you made the dotpup is good, however the Blowfish algorythm is getting pretty old. As of the last time I read up on it there were no known attacks on it. GnuPG, which I made a dotpup for is also very good. It of course is based on the source code for PGP. It is primaraly used for email encryption, but it can also be used for file encryption as well. Neither GnuPG or Bcrypt offer folder encryption though, and as of yet I've not found a program for Linux that does. The one point that he did not make though, is that windows is so ridden with spyware, that which comes built into it and that which is drawn to it like flies to something dead, makes strong easy to use encryption a nesessity.

You brought up the question of keyloggers, and that is a very good point. While I was using windows I found an exceptional anti-keylogger program called PSM Antispy (if I remember correctly). It was unusual because it would not just detect the usual keyloggers that pick up on keyboard hooks, but it would detect kernel level keyloggers. Unfortunatly for most people it's not available anymore, but if anyone does happen to want it, I've got the installation program saved on my hard drive.

As for "the ultra guilty/paranoid", it's neither. There are some people, like myself, who still value privacy, and will expend quiet a bit of effort to maintain as much of it as possible. I can't/won't get a hotmail account due to the fact that MSN requires you to enable to much stuff that I've got disabled in my browser because it can and is used to track your activity on the net. While I know that I can't prevent whoever from watching everything I do, I can sure make them work to find out what they can.

"I believe that banking institutions are more dangerous to our liberties than standing armies . . . If the American people ever allow private banks to control the issue of their currency, first by inflation, then by deflation, the banks and corporations that will grow up around [the banks] . . . will deprive the people of all property until their children wake-up homeless on the continent their fathers conquered . . . The issuing power should be taken from the banks and restored to the people, to whom it properly belongs." ~ Thomas Jefferson ~ The Debate Over The Recharter Of The Bank Bill, (1809)

"If we do not defend ourselves none will defend us; if we yield we will be more and more pressed as we recede; and if we submit we will be trampled under foot. I hold concession or compromise to be fatal. If we concede an inch, concession would follow compromise, until our ranks would
be so broken that effectual resistance would be impossible".

You cannot post new topics in this forumYou cannot reply to topics in this forumYou cannot edit your posts in this forumYou cannot delete your posts in this forumYou cannot vote in polls in this forumYou cannot attach files in this forumYou can download files in this forum